Skill details (on-site mirror, no comments)
License: MIT-0
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Version: v1.0.0
Stats: ⭐ 0 · 437 · 1 current installs · 1 all-time installs
🛡 VirusTotal: suspicious · OpenClaw: benign
Package: 1kalin/afrexai-data-governance
Security scan (ClawHub)
- VirusTotal: suspicious
- OpenClaw: benign
OpenClaw assessment
This is an instruction-only data governance scoring and remediation framework that contains no code, does not request credentials or installs, and its instructions align with the stated purpose.
Purpose
Name and description match the SKILL.md: a 6-domain governance assessment with scoring and remediation. There are no unrelated required env vars, binaries, or config paths that would be inconsistent with a governance framework.
Instruction scope
Runtime instructions are limited to asking the user which domains to assess, scoring 48 controls, computing metrics, and producing remediation roadmaps. The SKILL.md does not instruct reading system files, scanning environment variables, or sending data to external endpoints.
Install mechanism
No install spec and no code files — lowest-risk posture (instruction-only). Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. It does discuss handling sensitive data conceptually (PII, provenance) but does not request secrets or external tokens.
Persistence
Flags are default (always:false, user-invocable:true, model invocation allowed). The skill does not request permanent presence or attempt to modify other skills or system-wide settings.
Overall conclusion
This skill is a content/template-style governance framework and appears coherent with its description. Because it is instruction-only, it will not itself exfiltrate data or install code — however, be cautious about sharing actual organizational data or secrets when using it. If you plan to let an autonomous agent use this skill, restrict the agent's access to connectors that contain sensitive PII or credentials unless you explicitly approve th…
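Install (copy to Lobster AI)
Copy the entire block below into a 龙虾中文库 conversation, and Lobster will complete the installation according to SKILL.md.
Please hand this block to 龙虾中文库 (Lobster AI) to execute: install the OpenClaw skill "Data Governance Framework" on this machine. Summary: Evaluate and improve your organization's data governance across six domains by ….
Please fetch the following address to read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/1kalin/afrexai-data-governance/SKILL.md
(Source: yingzhi8.cn skill library)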
SKILL.md
# Data Governance Framework
Assess, score, and remediate your organization's data governance posture across 6 domains.
## What This Covers
1. **Data Quality** — Completeness, accuracy, consistency, timeliness scoring
2. **Data Cataloging** — Asset inventory, lineage tracking, metadata management
3. **Access Control** — Role-based permissions, least privilege, data classification (public/internal/confidential/restricted)
4. **Compliance Mapping** — GDPR, CCPA, SOX, HIPAA, PCI-DSS, industry-specific regulations
5. **Retention & Lifecycle** — Retention policies, archival schedules, deletion procedures, legal hold
6. **AI/Agent Data Governance** — Training data provenance, model input/output logging, bias detection, PII handling in agent workflows
## How to Use
When asked to assess data governance:
1. Ask which domains are priority (or assess all 6)
2. For each domain, evaluate 8 controls on a 0-3 scale:
   - 0 = Not implemented
   - 1 = Ad hoc / informal
   - 2 = Documented and partially enforced
   - 3 = Automated and continuously monitored
3. Calculate domain score (sum / 24 × 100)
4. Calculate overall governance score (average of domains)
5. Generate remediation roadmap prioritized by risk
## Scoring Interpretation
| Score | Rating | Action |
|-------|--------|--------|
| 0-25% | Critical | Immediate remediation — regulatory risk |
| 26-50% | Developing | 90-day improvement plan required |
| 51-75% | Managed | Optimize and automate weak areas |
| 76-100% | Optimized | Maintain and benchmark against peers |
## Domain 1: Data Quality Controls
1. Data profiling automation (duplicate detection, format validation)
2. Quality dashboards with SLA thresholds
3. Root cause analysis for quality failures
4. Stewardship program (assigned data owners per domain)
5. Quality gates in data pipelines (reject bad data at ingestion)
6. Business rule validation (domain-specific logic checks)
7. Cross-system reconciliation (source vs target matching)
8. Quality trend tracking (month-over-month improvement metrics)
## Domain 2: Data Cataloging Controls
1. Automated asset discovery (databases, APIs, files, SaaS)
2. Business glossary with agreed definitions
3. Data lineage tracking (source → transformation → consumption)
4. Search and discovery interface for business users
5. Metadata enrichment (tags, classifications, sensitivity labels)
6. Catalog coverage tracking (% of assets documented)
7. Usage analytics (who accesses what, how often)
8. Integration with BI/analytics tools (catalog-aware queries)
## Domain 3: Access Control
1. Role-based access control (RBAC) with regular review
2. Data classification enforcement (labels drive permissions)
3. Least privilege principle (minimal default access)
4. Access request and approval workflows
5. Privileged access management (admin accounts monitored)
6. Access certification (quarterly re-certification of permissions)
7. Anomaly detection (unusual access patterns flagged)
8. De-provisioning automation (access removed on role change/exit)
## Domain 4: Compliance Mapping
1. Regulation inventory (which laws apply, by geography and industry)
2. Control-to-regulation mapping (which controls satisfy which requirements)
3. Data processing records (Article 30 GDPR / equivalent)
4. Consent management (capture, storage, withdrawal tracking)
5. Data subject rights automation (access, deletion, portability)
6. Cross-border transfer compliance (SCCs, adequacy decisions)
7. Breach notification procedures (72-hour GDPR, state-specific)
8. Regular compliance audits (internal + third-party)
## Domain 5: Retention & Lifecycle
1. Retention schedule by data type (contractual, regulatory, operational)
2. Automated archival pipelines (hot → warm → cold → delete)
3. Legal hold management (litigation preservation)
4. Deletion verification (confirmed purge with audit trail)
5. Storage cost optimization (tiered storage aligned to access patterns)
6. Backup and recovery testing (regular restore drills)
7. Data minimization enforcement (collect only what is needed)
8. End-of-life procedures for decommissioned systems
## Domain 6: AI/Agent Data Governance
1. Training data provenance tracking (source, consent, bias review)
2. Model input/output logging (what went in, what came out)
3. PII detection and masking in agent workflows
4. Hallucination monitoring (output accuracy validation)
5. Agent decision audit trail (explainability for automated decisions)
6. Data feedback loops (human review of agent data modifications)
7. Vendor data sharing agreements (what third-party APIs see your data)
8. Synthetic data policies (when and how to use generated data)
## Cost of Poor Governance
| Risk | Average Cost | Prevention Cost |
|------|-------------|-----------------|
| GDPR fine | $4.3M (average 2025) | $45K-$120K/year |
| Data breach | $4.88M (IBM 2025) | $60K-$200K/year |
| Failed audit | $150K-$500K remediation | $30K-$80K/year |
| Bad data decisions | 15-25% revenue impact | $20K-$60K/year |
| AI bias incident | $2M-$50M (litigation + brand) | $25K-$75K/year |
## Remediation Priority Matrix
Always fix in this order:
1. **Compliance gaps** — regulatory fines are existential
2. **Access control** — breaches destroy trust overnight
3. **AI governance** — fastest-growing risk category
4. **Data quality** — garbage in = garbage out at scale
5. **Cataloging** — you cannot govern what you cannot find
6. **Retention** — storage costs compound, legal risk accumulates
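
The scoring steps from "How to Use", the bands from "Scoring Interpretation" and the fix order above, combined in one added example (not part of the original SKILL.md). The function names, the short domain keys and the handling of fractional scores between the table's whole-percent bands are assumptions.

```python
from statistics import mean

# Fix order from "Remediation Priority Matrix" (keys are hypothetical short names).
FIX_ORDER = ["compliance", "access_control", "ai_governance",
             "data_quality", "cataloging", "retention"]
# Upper bounds from "Scoring Interpretation". Assumption: a fractional score
# such as 25.5% falls into the next band up, since the table lists whole percents.
BANDS = [(25, "Critical"), (50, "Developing"), (75, "Managed"), (100, "Optimized")]

def domain_score(controls):
    """Percent score for one domain: sum of 8 control ratings / 24 * 100."""
    if len(controls) != 8:
        raise ValueError(f"expected 8 controls, got {len(controls)}")
    if any(isinstance(c, bool) or not isinstance(c, int) or not 0 <= c <= 3
           for c in controls):
        raise ValueError("each control must be an integer 0-3")
    return sum(controls) / 24 * 100

def rating(score):
    return next(label for upper, label in BANDS if score <= upper)

def assess(assessment):
    """assessment: {domain: [8 ratings]} for the domains chosen as priority."""
    unknown = set(assessment) - set(FIX_ORDER)
    if unknown or not assessment:
        raise ValueError(f"need at least one known domain, unknown: {sorted(unknown)}")
    scores = {d: domain_score(c) for d, c in assessment.items()}
    roadmap = [
        {"domain": d, "score": round(scores[d], 1), "rating": rating(scores[d]),
         # 1-based control numbers still below 3, weakest first
         "gaps": sorted((i + 1 for i, c in enumerate(assessment[d]) if c < 3),
                        key=lambda n: assessment[d][n - 1])}
        for d in FIX_ORDER if d in scores and scores[d] < 100
    ]
    overall = mean(scores.values())  # average over the assessed domains only
    return {"overall": round(overall, 1), "overall_rating": rating(overall),
            "roadmap": roadmap}

# Constructed sample ratings, not real assessment data.
SAMPLE = {
    "retention":      [0, 1, 0, 1, 1, 0, 1, 0],   # 4/24
    "access_control": [2, 2, 1, 2, 3, 1, 0, 2],   # 13/24
    "compliance":     [3, 3, 2, 3, 3, 2, 3, 3],   # 22/24
}

if __name__ == "__main__":
    for row in assess(SAMPLE)["roadmap"]:
        print(row)
```

With the sample ratings, compliance leads the roadmap despite having the highest score, because the fix order is set by domain and not by score; sorting by score alone would put retention first.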
## Industry Benchmarks (2026)
| Industry | Avg Governance Score | Top Quartile | Regulatory Pressure |
|----------|---------------------|-------------|-------------------|
| Financial Services | 68% | 85%+ | Extreme (SOX, PCI, GDPR) |
| Healthcare | 62% | 80%+ | High (HIPAA, FDA, state) |
| SaaS/Tech | 55% | 78%+ | Growing (SOC 2, GDPR, CCPA) |
| Manufacturing | 45% | 70%+ | Moderate (ITAR, ISO) |
| Retail/Ecommerce | 48% | 72%+ | Growing (PCI, CCPA, GDPR) |
## Next Steps
Need a complete data governance implementation tailored to your industry?
- [Calculate your AI revenue leak](https://afrexai-cto.github.io/ai-revenue-calculator/)
- [Industry context packs — $47 each](https://afrexai-cto.github.io/context-packs/)
- [Agent setup wizard](https://afrexai-cto.github.io/agent-setup/)